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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. (currently amended) A method of performing a service for a requestor on a 
computing platform, comprising: 

the requestor providing a specification of the service to be performed to the 
computing platform, wherein the specification of the service establishes specified levels 
of trust for at least one some of the processes in the service; 

the computing platform executing the service according to the specification and 
logging performance of at least one some of the processes for which a level of trust was 
specified; and 

the computing platform providing the requester with a log of the performance of 
the processes performed according to the specified levels of trust. 

2. (currently amended) A method as claimed in claim 1, wherein a level of trust is 
specified for at least two processes in the specification, and no performance logging 
takes place for at least one some of the processes for which a level of trust is specified in 
the specification. 

3. (original) A method as claimed in claim 1, wherein the computing platform contains a 
physically and logically protected computing environment. 

4. (original) A method as claimed in claim 3, wherein said physically and logically 
protected computing environment contains a monitoring process for measuring 
integrity of the computing platform. 
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5. (original) A method as claimed in claim 3, wherein a service management process 
allocates the execution of processes and logging of performance to discrete computing 
environments in or associated with the computing platform. 

6. (original) A method as claimed in claim 5, wherein the service management process is 
located within the protected computing environment. 

7. (original) A method as claimed in claim 5, wherein one or more of the discrete 
computing environments is a compartment containing a computing engine protected 
against influence from outside the compartment by operational or environmental 
constraints. 

8. (original) A method as claimed in claim 7, wherein the computing engine is a Java 
virtual machine. 

9. (original) A method as claimed in claim 7, wherein one or more compartments is 
located within the protected computing environment. 

10. (original) A method as claimed in claim 7, wherein the computing engine is 
constrained not to operate on input data if it is not permitted to do so. 

11. (original) A method as claimed in claim 10, wherein input data is provided with a 
data type, and a process is provided with operation types, and operation is prevented if 
operation types and data types are not consistent. 

12. (original) A method as claimed in claim 10, wherein input data may have an owner, 
and the process may be required to inform the owner of use of the input data. 

13. (currently amended) A method as claimed in claim 10, wherein input data may have 
an owner, and if so, the process may be required to obtain consent from the owner to 
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14. (original) A method as claimed in claim 5, wherein a process may be swapped 
between one discrete environment and another discrete environment. 

15. (original) A method as claimed in claim 1, wherein performance logging includes 
logging of input data to a process. 

16. (original) A method as claimed in claim 1, wherein performance logging includes 
logging of output data from a process. 

17. (original) A method as claimed in claim 1, wherein performance logging includes 
logging of program instructions executed in performance of a process. 

18. (original) A method as claimed in claim 1, wherein data logged is sampled 
according to a sampling process to provide the performance log. 

19. (original) A method as claimed in claim 18, wherein the sampling process is 
performed according to a function to provide irregular sampling. 

20. (original) A method as claimed in claim 1, where a digest of data logged is obtained 
as part of the performance logging data. 

21. (original) A method as claimed in claim 1, wherein the performance logging data is 
encrypted before it is sent to the requestor. 

22. (currently amended) A method as claimed in claim 1, wherein the specification 
establishes performance logging parameters for at least one some of the processes in the 
service. 



23. (currently amended) A method as claimed in claim 4, wherein the monitoring 
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process provides to the requestor an integrity metric of the computing platform to the 
requestor current when at the time the service was performed. 

24. (currently amended) A computing platform, comprising: 

a physically and logically protected computing environment, adapted to provide 
trustworthy data to appropriate users of the computing platform; and 

one or more compartments, arranged to operate in a sufficiently constrained 
manner that processes executed in a compartment are performed reliably; 

wherein specified processes may be executed for a user in the one or more 
compartments and the results of the specified processes returned to the user in 
trustworthy data from the protected computing environmentiand 

wherein the computing platform comprises a service management process 
adapted to receive a service description which includes levels of trust assigned to 
processes within the service, and to allocate at least one of the processes to the 
compartments . 

25. (original) A computing platform as claimed in claim 24, wherein one or more of said 
compartments are located outside the protected computing environment. 

26. (original) A computing platform as claimed in claim 24, wherein one or more of said 
compartments are located inside the protected computing environment. 

27. (original) A computing platform as claimed in claim 24, wherein each compartment 
contains a virtual computing engine. 

28. (original) A computing platform as claimed in claim 27, wherein the virtual 
computing engine is a Java virtual machine. 

29. (original) A computing platform as claimed in claim 24, wherein the protected 
computing environment contains a monitoring process adapted to measure the integrity 
of the computing platform. 
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30. (cancelled) 

31. (currently amended) A computing platform as claimed in claim 24 SO, wherein 
service management process is located within the protected computing environment. 



